Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/35azMZB5pNeqXQrP_P8SwZ9Bc-0.roa
File: 35azMZB5pNeqXQrP_P8SwZ9Bc-0.roa (raw, json)
Hash identifier: vj/G8YNlLU/Ab5kUPady2DGRnc4DcBc4iK04jOd3muQ=
Subject key identifier: DF:96:B3:31:90:79:A4:D7:AA:5D:0A:CF:FC:FF:12:C1:9F:41:73:ED
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0193F79D0CCDA327D521C7D004549EAFB356
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/35azMZB5pNeqXQrP_P8SwZ9Bc-0.roa
Signing time: Tue 24 Dec 2024 07:41:24 +0000
ROA not before: Tue 24 Dec 2024 07:41:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.74.192.0/24 maxlen: 24
185.112.78.0/24 maxlen: 24
185.163.164.0/22 maxlen: 22
185.163.164.0/24 maxlen: 24
185.163.165.0/24 maxlen: 24
185.163.166.0/24 maxlen: 24
185.163.167.0/24 maxlen: 24
185.178.80.0/22 maxlen: 22
185.178.80.0/24 maxlen: 24
185.178.81.0/24 maxlen: 24
185.178.82.0/24 maxlen: 24
185.178.83.0/24 maxlen: 24
185.183.16.0/24 maxlen: 24
185.183.17.0/24 maxlen: 24
185.183.18.0/24 maxlen: 24
185.194.24.0/24 maxlen: 24
185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.216.0/22 maxlen: 22
185.225.148.0/24 maxlen: 24
2a05:4ac0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:9d:0c:cd:a3:27:d5:21:c7:d0:04:54:9e:af:b3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Dec 24 07:41:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df96b3319079a4d7aa5d0acffcff12c19f4173ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e4:f7:a4:56:93:34:d7:d0:dc:fd:48:6e:cf:
26:2b:33:eb:82:d7:f3:7b:1d:37:4e:bf:71:a6:75:
81:37:d0:98:dd:54:db:a1:e4:5f:d4:7e:26:9b:ee:
d6:3e:20:31:10:c6:19:6b:fa:cd:a8:04:2c:82:dc:
43:a4:34:13:38:f5:39:10:86:a8:81:ee:65:5b:49:
8e:10:79:0d:e3:d8:e1:8f:66:34:d6:30:3d:67:46:
16:4c:fe:55:0e:4a:77:96:01:91:7e:6c:02:da:8c:
95:4b:f7:d4:85:7b:da:cf:46:63:75:8e:44:00:46:
34:3d:f3:07:ab:38:2f:c7:f0:3e:4f:d0:35:55:b7:
25:31:d4:93:30:26:b8:a1:a8:81:18:6a:5d:37:75:
b2:74:28:eb:9f:f4:84:36:f8:48:f4:bf:ff:33:ef:
4a:5b:8a:5c:11:fc:83:d9:71:b6:e1:5b:14:12:8b:
af:79:ec:32:94:17:40:fe:c5:07:97:20:95:f4:d8:
cf:f6:04:45:53:6f:dd:d6:c2:d3:ec:57:af:a4:f8:
97:04:d8:bb:b3:a6:24:5b:a0:73:8d:07:ff:a5:76:
6b:32:5b:71:99:21:d0:0f:66:b9:4c:77:9b:10:85:
a3:9b:b5:c3:82:38:f5:64:0b:1a:f7:5a:1e:d2:29:
4b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:96:B3:31:90:79:A4:D7:AA:5D:0A:CF:FC:FF:12:C1:9F:41:73:ED
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/35azMZB5pNeqXQrP_P8SwZ9Bc-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.74.192.0/24
185.112.78.0/24
185.163.164.0/22
185.178.80.0/22
185.183.16.0-185.183.18.255
185.194.24.0/24
185.194.26.0/23
185.219.216.0/22
185.225.148.0/24
IPv6:
2a05:4ac0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:24:18:34:fe:d1:51:96:47:8d:0c:8d:e3:e8:c4:5c:5b:7a:
a5:fa:7f:55:8f:30:64:42:5f:98:0c:de:93:63:d3:51:2d:cb:
a9:35:21:bd:72:7b:b7:3c:e2:3c:eb:3e:c3:bf:69:4d:1e:60:
59:10:51:0a:c8:23:ff:2c:3b:cf:ca:95:70:6e:f0:3d:96:86:
a1:0a:84:15:67:1c:bc:a1:a3:61:1a:ee:3b:ec:29:d9:3d:0e:
63:65:b9:54:b5:d4:af:97:b6:39:b5:23:19:c2:a6:63:54:d9:
6a:d0:99:33:2f:09:61:40:3f:26:47:5d:dc:ae:27:a0:cb:16:
c2:b4:d7:45:dc:ee:00:fb:22:80:cc:24:52:80:3f:52:3e:68:
bb:94:1d:81:7f:54:e4:67:e8:15:50:b7:24:ca:ab:67:ae:22:
65:b8:70:29:05:f5:a4:b8:ac:47:00:60:30:c9:f5:ca:04:49:
85:a2:8e:e2:84:f4:73:f5:15:8d:90:04:42:59:b1:ce:00:62:
a0:c0:61:82:40:63:df:6a:3b:7c:84:d1:e2:19:ce:5c:56:91:
ef:93:2d:0e:8e:62:e2:c5:39:49:cc:ad:a0:a3:70:71:c2:c6:
6d:bd:43:0b:1f:bb:dc:c0:29:a9:2e:c7:a9:d4:07:08:42:c2:
fe:fa:41:cd
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZP3nQzNoyfVIcfQBFSer7NWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQxMjI0MDc0MTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk2YjMzMTkwNzlhNGQ3YWE1ZDBhY2ZmY2ZmMTJjMTlmNDE3M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOT3pFaTNNfQ3P1Ibs8mKzPrgtfz
ex03Tr9xpnWBN9CY3VTboeRf1H4mm+7WPiAxEMYZa/rNqAQsgtxDpDQTOPU5EIao
ge5lW0mOEHkN49jhj2Y01jA9Z0YWTP5VDkp3lgGRfmwC2oyVS/fUhXvaz0ZjdY5E
AEY0PfMHqzgvx/A+T9A1VbclMdSTMCa4oaiBGGpdN3WydCjrn/SENvhI9L//M+9K
W4pcEfyD2XG24VsUEouveewylBdA/sUHlyCV9NjP9gRFU2/d1sLT7FevpPiXBNi7
s6YkW6BzjQf/pXZrMltxmSHQD2a5THebEIWjm7XDgjj1ZAsa91oe0ilLPwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFN+WszGQeaTXql0Kz/z/EsGfQXPtMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvMzVhek1aQjVwTmVxWFFyUF9QOFN3WjlCYy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQAuUrAAwQA
uXBOAwQCuaOkAwQCubJQMAwDBAS5txADBAC5txIDBAC5whgDBAG5whoDBAK529gD
BAC54ZQwDQQCAAIwBwMFACoFSsAwDQYJKoZIhvcNAQELBQADggEBAJ0kGDT+0VGW
R40MjePoxFxbeqX6f1WPMGRCX5gM3pNj01Ety6k1Ib1ye7c84jzrPsO/aU0eYFkQ
UQrII/8sO8/KlXBu8D2WhqEKhBVnHLyho2Ea7jvsKdk9DmNluVS11K+Xtjm1IxnC
pmNU2WrQmTMvCWFAPyZHXdyuJ6DLFsK010Xc7gD7IoDMJFKAP1I+aLuUHYF/VORn
6BVQtyTKq2euImW4cCkF9aS4rEcAYDDJ9coESYWijuKE9HP1FY2QBEJZsc4AYqDA
YYJAY99qO3yE0eIZzlxWke+TLQ6OYuLFOUnMraCjcHHCxm29Qwsfu9zAKakux6nU
BwhCwv76Qc0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:34 2025 by rpki-client